castor-load-custom
Advanced tools
Comparing version 1.6.1 to 1.6.2
{ | ||
"name": "castor-load-custom", | ||
"version": "1.6.1", | ||
"version": "1.6.2", | ||
"description": "custom loader for castor", | ||
@@ -31,3 +31,3 @@ "main": "index.js", | ||
"notevil": "^0.8.1", | ||
"JSONSelect": "git+https://github.com/touv/JSONSelect.git" | ||
"JSONSelect": "https://github.com/touv/JSONSelect/archive/master.tar.gz" | ||
}, | ||
@@ -34,0 +34,0 @@ "peerDependencies": { |
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
15398